POC details: be41adf44b82837fa2b58e3a3c24042c72b32dd2

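Related vulnerability
Title: OpenSSH security vulnerability (CVE-2024-6387)
Description: OpenSSH (OpenBSD Secure Shell) is a suite of connectivity tools from the OpenBSD project in Canada for secure access to remote computers. It is an open-source implementation of the SSH protocol that encrypts all traffic, effectively preventing eavesdropping, connection hijacking, and other network-level attacks. OpenSSH contains a security vulnerability caused by a race condition in a signal handler; an attacker can exploit it to execute arbitrary code remotely without authentication and gain control of the system.
Description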
This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.
Introduction
# CVE-2024-6387 Vulnerability Checker

### Overview
This Python script checks SSH servers for CVE-2024-6387, the recently discovered vulnerability known as **regreSSHion**, which is associated with specific versions of OpenSSH. The tool supports multiple IP addresses, URLs, CIDR ranges, and ports, and can also read addresses from a file. Results are categorized and color-coded for readability.

![regreSSHion](https://ik.imagekit.io/qualys/wp-content/uploads/2024/06/Q-regreSSHion-1200x628-1-1070x560.jpg)

Created by **Filipi Pires - Senior Threat Researcher & Cybersecurity Advocate**

### Features
- **Customizable**: Specify multiple IP addresses, URLs, CIDR ranges, and ports.
- **File Input Support**: Read addresses and ranges from a file.
- **Color-Coded Output**: Easily distinguish between vulnerable, safe, unknown, and error results.
- **Network Range Handling**: Automatically expands CIDR ranges into individual IP addresses.

### Output

* SAFE: Non-vulnerable servers.
* VULNERABLE: Servers running a vulnerable version of OpenSSH.
* UNKNOWN: Servers with an unknown SSH version.
* ERROR: Servers that could not be accessed or resolved.
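
How the SAFE, VULNERABLE and UNKNOWN categories and the CIDR expansion can be derived offline, as an added example that is not the project's own script. The affected upstream version ranges are an assumption taken from the Qualys advisory listed under References, not from this page; `classify_banner`, `expand_targets` and the sample banners are hypothetical names and constructed inputs.

```python
import ipaddress
import re

# Assumption (not stated on this page): upstream OpenSSH releases affected by
# CVE-2024-6387 are those older than 4.4p1 and 8.5p1 up to, not including, 9.8p1.
BANNER_RE = re.compile(r"^SSH-\d+\.\d+-OpenSSH_(\d+)\.(\d+)")

def classify_banner(banner):
    """Map an SSH identification string to SAFE, VULNERABLE or UNKNOWN."""
    match = BANNER_RE.match(banner.strip())
    if match is None:
        return "UNKNOWN"  # not OpenSSH, or the version was hidden or rewritten
    version = (int(match.group(1)), int(match.group(2)))
    if version < (4, 4) or (8, 5) <= version < (9, 8):
        # Distribution backports keep the upstream version string, so confirm
        # against the installed package version before treating this as final.
        return "VULNERABLE"
    return "SAFE"

def expand_targets(entries):
    """Expand CIDR ranges to host addresses; pass hostnames through unchanged."""
    targets = []
    for entry in entries:
        try:
            network = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            targets.append(entry)  # not an IP or CIDR, e.g. example.com
            continue
        hosts = list(network.hosts()) or [network.network_address]
        targets.extend(str(host) for host in hosts)
    return targets

if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    samples = [
        "SSH-2.0-OpenSSH_9.2p1 Debian-2",
        "SSH-2.0-OpenSSH_9.8p1",
        "SSH-2.0-OpenSSH_8.4p1 Ubuntu-5",
        "SSH-2.0-dropbear_2022.83",
    ]
    for banner in samples:
        print(f"{classify_banner(banner):<10} {banner}")
    print(expand_targets(["192.168.1.0/30", "example.com"]))
```

A VULNERABLE result from a banner alone is a lead for patch verification, because vendor-patched packages often report the unchanged upstream version.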

---

### Usage
### Command Line 

To run the script with multiple IPs, URLs, or CIDR ranges directly from the command line:
```
python3 CVE-2024-6387-Vulnerability-Checker.py <addresses> -p <ports> -t <timeout> 
```
* addresses: IP addresses, URLs, or CIDR ranges to check (space-separated).

* -p, --ports: Comma-separated list of port numbers for SSH (default: 22).

* -t, --timeout: Connection timeout in seconds (default: 5.0).

<img width="732" alt="image" src="https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker/assets/31785433/ed30e62a-3fff-4c40-8751-9a1bdd18adc1">

### From a File

To run the script with addresses specified in a file:
```
python3 CVE-2024-6387-Vulnerability-Checker.py -f <filename> -p <ports> -t <timeout>
```
* filename: File containing a list of IP addresses or CIDR ranges.

<img width="870" alt="image" src="https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker/assets/31785433/14eb7210-eb02-4d7e-bf36-f05fa3b08759">

### Example Usage

To check multiple IPs, URLs, or CIDR ranges directly from the command line:

```
python3 CVE-2024-6387-Vulnerability-Checker.py 192.168.1.1 192.168.1.2 192.168.1.0/24 example.com -p 22,2222 -t 5.0
```

To check addresses from a file:
```
python3 CVE-2024-6387-Vulnerability-Checker.py -f addresses.txt -p 22,2222 -t 5.0
```

Example addresses.txt file:
```
192.168.1.1
example.com
192.168.1.0/24
```
---

## Contributing

Contributions are welcome! Please follow these steps to contribute:

**1. Fork the Repository:** Click the **"Fork"** button at the top right of this page.

**2. Clone Your Fork:** Clone your forked repository to your local machine:
```
git clone https://github.com/YOUR_USERNAME/CVE-2024-6387-Vulnerability-Checker.git
cd CVE-2024-6387-Vulnerability-Checker
```
**3. Create a Branch:** Create a new branch for your feature or bugfix.
```
git checkout -b my-feature-branch
```

**4. Make Changes:** Make your changes to the code.

**5. Commit Your Changes:** Commit your changes with a descriptive commit message.
```
git add .
git commit -m "Description of the changes"
```

**6. Push Your Branch:** Push your branch to your forked repository.

```
git push origin my-feature-branch
```

**7. Create a Pull Request:** Go to the original repository on GitHub, and click **"New Pull Request"**. 
Select your branch from the compare dropdown, and submit your pull request.

---

### Launch

[July 09th-2024]
-  First Version - Launch

[August 28th-2024]
-  Repository Updated
---
### References
[Qualys's Blog - regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server](https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server)

File snapshot

```
[4.0K] /data/pocs/be41adf44b82837fa2b58e3a3c24042c72b32dd2
├── [1.1K] LICENSE
└── [3.9K] README.md

0 directories, 2 files
```